Skip to content

J
jumpserver
Commit efbcacbe authored by ibuler's avatar ibuler
Browse files
Options

加入日志审计

parent e5121fe7
Hide whitespace changes
Inline Side-by-side
Showing with 98 additions and 12 deletions
jumpserver.py
View file @ efbcacbe
...@@ -129,19 +129,19 @@ def connect(host, port, user, password): ...@@ -129,19 +129,19 @@ def connect(host, port, user, password):
global foo global foo
foo = pxssh.pxssh() foo = pxssh.pxssh()
foo.login(host, user, password, port=port, auto_prompt_reset=False) foo.login(host, user, password, port=port, auto_prompt_reset=False)
log = Logs(user=user, host=host, logfile=logfile_name, start_time=timestamp_start) # 日志信息记录到数据库 log = Logs(user=user, host=host, logfile=logfile_name, start_time=timestamp_start, ppid=os.getpid()) # 日志信息记录到数据库
log.save() log.save()
pid = Pid(ppid=os.getpid(), cpid=foo.pid) pid = Pid(ppid=os.getpid(), cpid=foo.pid)
pid.save() pid.save()
logfile = open(logfile_name, 'a') # 记录日志文件 logfile = open(logfile_name, 'a') # 记录日志文件
logfile.write('\n%s\n' % logtime_start) logfile.write('\nDateTime:%s' % logtime_start)
foo.logfile = logfile foo.logfile = logfile
foo.sendline('') foo.sendline('')
signal.signal(signal.SIGWINCH, sigwinch_passthrough) signal.signal(signal.SIGWINCH, sigwinch_passthrough)
foo.interact(escape_character=chr(28)) foo.interact(escape_character=chr(28)) # 进入交互模式
logfile.write('\n%s' % time.strftime('%Y/%m/%d %H:%M:%S')) logfile.write('\nEndTime: %s' % time.strftime('%Y/%m/%d %H:%M:%S'))
log.finish = 1 log.finish = 1
log.end_time = int(time.time()) log.end_time = int(time.time())
log.save() log.save()
......
webroot/AutoSa/AutoSa/views.py
View file @ efbcacbe
...@@ -4,7 +4,7 @@ from django.http import HttpResponse ...@@ -4,7 +4,7 @@ from django.http import HttpResponse
from django.template import RequestContext from django.template import RequestContext
from django.shortcuts import render_to_response from django.shortcuts import render_to_response
from django.http import HttpResponseRedirect from django.http import HttpResponseRedirect
from UserManage.models import User, Group from UserManage.models import User, Group, Logs, Pid
from Assets.models import Assets, AssetsUser from Assets.models import Assets, AssetsUser
import subprocess import subprocess
from Crypto.Cipher import AES from Crypto.Cipher import AES
...@@ -20,6 +20,8 @@ from UserManage.forms import UserAddForm, GroupAddForm ...@@ -20,6 +20,8 @@ from UserManage.forms import UserAddForm, GroupAddForm
import paramiko import paramiko
from django.core.servers.basehttp import FileWrapper from django.core.servers.basehttp import FileWrapper
from AutoSa.settings import CONF_DIR from AutoSa.settings import CONF_DIR
from django.core.paginator import Paginator, InvalidPage, EmptyPage
import time, datetime
cf = ConfigParser.ConfigParser() cf = ConfigParser.ConfigParser()
...@@ -285,7 +287,7 @@ def downKey(request): ...@@ -285,7 +287,7 @@ def downKey(request):
elif request.session.get('admin') == 2: elif request.session.get('admin') == 2:
username = request.GET.get('username') username = request.GET.get('username')
filename = '%s/keys/%s' % (base_dir, username) filename = '%s/%s' % (rsa_dir, username)
f = open(filename) f = open(filename)
data = f.read() data = f.read()
f.close() f.close()
...@@ -871,7 +873,7 @@ def chgKey(request): ...@@ -871,7 +873,7 @@ def chgKey(request):
if error: if error:
return render_to_response('info.html', {'error': error}) return render_to_response('info.html', {'error': error})
keyfile = '%s/keys/%s' % (base_dir, username) keyfile = '%s/%s' % (rsa_dir, username)
jm = PyCrypt(key) jm = PyCrypt(key)
ret = bash('ssh-keygen -p -P %s -N %s -f %s' % (jm.decrypt(user.key_pass), password, keyfile)) ret = bash('ssh-keygen -p -P %s -N %s -f %s' % (jm.decrypt(user.key_pass), password, keyfile))
if ret != 0: if ret != 0:
...@@ -947,8 +949,41 @@ def downFile(request): ...@@ -947,8 +949,41 @@ def downFile(request):
response['Content-Disposition'] = 'attachment; filename=%s' % os.path.basename(path) response['Content-Disposition'] = 'attachment; filename=%s' % os.path.basename(path)
return response return response
return render_to_response('downFile.html', return render_to_response('downFile.html',
{'username': username}, {'username': username},
context_instance=RequestContext(request)) context_instance=RequestContext(request))
\ No newline at end of file
@admin_required
def logView(request):
thirtyDayAgo = (datetime.datetime.now() - datetime.timedelta(30))
thirtyDayAgoStamp = int(thirtyDayAgo.timetuple())
logs_all = Logs.objects.filter(start_time__gt=thirtyDayAgoStamp)
paginator = Paginator(logs_all, 20)
try:
page = int(request.GET.get('page', 1))
except ValueError:
page = 1
try:
logs = paginator.page(page)
except (EmptyPage, InvalidPage):
logs = paginator.page(paginator.num_pages)
return render_to_response('logView.html',
{'logs': logs},
context_instance=RequestContext(request))
webroot/AutoSa/UserManage/models.py
View file @ efbcacbe
...@@ -28,6 +28,7 @@ class Logs(models.Model): ...@@ -28,6 +28,7 @@ class Logs(models.Model):
host = models.CharField(max_length=20) host = models.CharField(max_length=20)
logfile = models.CharField(max_length=1000) logfile = models.CharField(max_length=1000)
finish = models.SmallIntegerField(max_length=4, default=0) finish = models.SmallIntegerField(max_length=4, default=0)
ppid = models.IntegerField()
start_time = models.IntegerField() start_time = models.IntegerField()
end_time = models.IntegerField(default=0) end_time = models.IntegerField(default=0)
......
webroot/AutoSa/templates/base.html
View file @ efbcacbe
...@@ -121,6 +121,10 @@ ...@@ -121,6 +121,10 @@
<li><a href="/showPerm/"><i class="glyphicon glyphicon-send"></i> 查看权限</a></li> <li><a href="/showPerm/"><i class="glyphicon glyphicon-send"></i> 查看权限</a></li>
<li><a href="/addPerm/"><i class="glyphicon glyphicon-send"></i> 添加权限</a></li> <li><a href="/addPerm/"><i class="glyphicon glyphicon-send"></i> 添加权限</a></li>
</ul> </ul>
<div class="menu-first" ><a href="#logMenu" data-toggle="collapse"><i class="glyphicon glyphicon-th"></i> 日志审计</a></div>
<ul id="logMenu" class="nav nav-list navbar-collapse menu-second">
<li><a href="/logView/"><i class="glyphicon glyphicon-send"></i> 查看日志</a></li>
</ul>
<div class="menu-first" ><a href="#fileMenu" data-toggle="collapse"> <div class="menu-first" ><a href="#fileMenu" data-toggle="collapse">
<i class="glyphicon glyphicon-th"></i> 文件传输</a> <i class="glyphicon glyphicon-th"></i> 文件传输</a>
</div> </div>
......
webroot/AutoSa/templates/logView.html 0 → 100644
View file @ efbcacbe
{% extends 'base.html' %}
{% block content %}
<form method="post" action="">
<table class="table table-striped table-hover table-condensed">
<thead>
<tr>
<th><input onclick="selectAll()" type="checkbox" name="select_all" style="select_all" id="select_all"/></th>
<th>id</th>
<th>用户名</th>
<th>主机</th>
<th>监控</th>
<th>命令统计</th>
<th>阻断</th>
<th>开始时间</th>
<th>结束时间</th>
</tr>
</thead>
<tbody>
{% for log in logs.object_list %}
<tr>
<td><input type="checkbox" name="selected" value="{{ log.id }}"></td>
<td>{{ log.user }}</td>
<td>{{ log.host }}</td>
<td><a href="#">监控</a></td>
<td><a href="#">命令统计</a></td>
<td><a href="#">阻断</a> </td>
<td>{{ log.start_time|stamp2str }}</td>
<td>{{ log.end_time|stamp2str }}</td>
</tr>
{% endfor %}
</tbody>
</table>
<!--<button class="btn btn-primary">删除</button>-->
</form>
{% endblock %}
\ No newline at end of file
webroot/AutoSa/templates/showServer.html
View file @ efbcacbe
...@@ -27,7 +27,6 @@ ...@@ -27,7 +27,6 @@
</tr> </tr>
{% endfor %} {% endfor %}
</tbody> </tbody>
</form>
</table> </table>
<button class="btn btn-primary">删除</button> <button class="btn btn-primary">删除</button>
</form> </form>
......
webroot/AutoSa/templatetags/mytags.py 0 → 100644
View file @ efbcacbe
import time
from django import template
register = template.Library
@register.filter('stamp2str')
def stamp2str(value):
try:
return time.strftime('%Y/%m/%d %H:%M:%S',time.localtime(value))
except AttributeError:
return '0000/00/00 00:00:00'
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment